Cyberattacks happen anytime, anywhere. Society faces a great need to prevent or repel them. The necessary knowledge and expertise are scarce yet, at the same time, essential. Collaboration is crucial to this: the collective is always stronger than the individual.

ABN-AMRO, Achmea, ING, de Volksbank and TNO all see this need for collaboration and are joining forces. As of July 2020, they form the Partnership for Cyber Security Innovation (PCSI).

Unique form of cooperation

The PCSI specifically focuses its attention on innovation within the cybersecurity domain. The shared intention is crystal clear: the results of research and projects should help society to defend itself against tomorrow’s cyberattacks. Through intensive collaboration via an innovative ecosystem, the PCSI partners take a unique approach to connecting applied research, current data and problems from society within the field of cybersecurity.

"More and more parts of our society are dependent on information and technology. Proper information security has always been important but this is true even more today. Cooperation between industry, universities and others provides faster and smarter responses to new technologies but also to new threats. PCSI is the perfect platform to facilitate this cooperation and is the next step beyond an already proven very succesful cooperation."
Martijn Dekker, Chief Information Security Officer, ABN AMRO

Topical themes as a basis for projects

The PCSI works in an agile manner. Relevant themes are identified and periodically updated via a Security Radar. Project ideas are then generated within the Ideation Workshops for the themes that are selected. The selected ideas go into a staged innovation process in which they are reviewed every three months to see whether a next step will boost the value of the result. If not, the project is discontinued and the best possible ‘landing place’ in society is sought out for the results achieved so far. The learning points off the staged innovation process are taken into account in the subsequent selection of themes.

"Everyone has a plan until they get punched in the mouth (Mike Tyson). This is true for both life and for cybersecurity. We need to be better prepared for the unexpected. We need to innovate. By doing, researching, discussing & sharing experiences with our sparring partners. The PCSI gives us exactly that opportunity. To get in the ring and do this together with creative and talented people from other companies & sectors. I am convinced that we all benefit from this cooperative approach."
Leon Kers, Chief Information Security Officer, de Volksbank

First projects

Meanwhile, the first Ideation Workshop has taken place and three projects have been selected to enter the Explore Phase of the staged innovation process. These are explained in brief below.

1. Crystal ball DDoS detection

The idea here is to investigate whether new DDoS attacks can be predicted before they have an actual impact. This is comparable to the approach of tsunami warnings. We analyse public and private data using AI techniques.

"To pursue our empowering purpose, ING has to stay a step ahead of the cybersecurity challenges we’re facing now and in the future. This requires collaboration, innovation and access to collective knowledge and data. That’s why our cybersecurity team is keen to be a part of the PCSI ecosystem. Together we can develop cutting-edge solutions that contribute to a safer and more secure digital future for everyone."  
Beate Zwijnenberg, Global Chief Information Security Officer, ING

2. Security journey

With this idea, we are investigating whether the ‘customer journey methodology’ of marketers can be used to make employees more security-aware so that security incidents caused by human behaviour can be reduced. Using Customer Journey Mapping, marketers identify the purchasing process of prospects from the first contact through to the purchase and eventual brand loyalty. This allows you to experience, visualise and improve processes from the customer’s point of view. For the security journey, we use data-driven AI tooling to identify internal processes and define the right steps for each role involved.

“Achmea’s mission is, and will continue to be, to contribute to a healthy, safe and future-proof society. As part of our cooperative identity and current “Sum of US” strategy we focus on working together with customers and partners. For sure this counts for our cyber challenges that are becoming more complicated every day. PCSI offers a great platform to share knowledge and work together in finding innovative solutions for these challenges in a world that is become very digital, with an exponential growth in the way we use and exchange data. We believe we are stronger together and continue seeking internal and external partnerships in order to achieve our objectives.”
Willem van der Valk, Group Information Security Officer, Achmea

3. Collaborative fleet

This project aims to monitor behavior in order to map the way attackers work. The idea of this project is to combine information from multiple parties and thus get a better picture of the attackers and their methods. Through collaboration and information sharing, strategic insights are obtained that individual organizations would not be able to obtain otherwise.

"Within PCSI, TNO aims to co-develop and pilot new approaches in cybersecurity, by working and teaming with the best. As cybersecurity is increasingly dependent on addressing vulnerabilities across chains and organizations, cooperation in this area has become a necessity. TNO has a long term commitment to foster cybersecurity innovation and with PCSI we create a new chapter in our six year running shared research program with our partners."  
Berry Vetjens, Director Market of Unit ICT, TNO

For more information, please contact Reinder Wolthuis, program manager PCSI Reinder.wolthuis@tno.nl